SSL VPN: Convert .ovpn to .apc/.epc for Site-to-Site SSL Tunnels
Please make a tool to conver regular openvpn configuartion files to your apc/epc format. Without such a tool it is impossible to use an astaro as client for existing openvpn server.
please can you make this possible... this is a real killer on this firewall for me... I have been able to make Pfsense do it... with VPN providers becoming more prevalent this would be useful for many people
Is it possible to configure the UTM as a IPSec VPN client?
Please please please!
Scott Clanton commented
This is definitely a needed feature
Please Sophos.. at least acknowledge this request.
I have built my own IPSEC VPN routers using the StrongSWAN stuff. I can help you do it too; we ditched a lot of our Sophos Astaro units.
I'm amazed that sophos is ignoring so many requests. Considering that so many of the building blocks, such as openvpn, ipv6 tunnels and proxy servers are supported, it makes no sense why this feature has not been implemented. I'm running out of patience. I've avoided pfsense because it wouldn't run on hyper-v, but that has changed with the latest release. I'm giving it a close look. I would rather not stop using utm, but I do not like having to manually manage a vpn.
needless to say that I also really would like to have this feature (for a lot of reasons (:P)
what is my suggestion?
well, I understand, that is quite difficult to have this feature implemented in the GUI of the the UTM ... for the complexity of modes, parameters and ....
so, offer a external command line tool for this conversion (linux, win, java)
unbelievable lack of vendor response!
Jacob Bird commented
Any word on this this request has been open for years!
Sophos, please take action on that and bring us OpenVPN client to Sophos UTM.
Others are also capable acting as an OpenVPN Client.
Ya, Sophos is okay, but I'm switching back to pfsense at home (has OpenVPN support), and choosing Fortinet for the office.
Sophos - do something. People are migrating away from UTM because the Lack of this feature.
Since this request is now older than 4 years, I hope this will be finally implemented.
Eelke van Someren commented
One vote from me. Please buildin support for OpenVPN in Site-to-Site VPN.
Make this please.
And apc/epc back to ovpn, surely?
Andreas Rehm commented
This is a needed function!
Sophos, this really isn't all that hard to achieve. I understand there may be specific additional options which are outside the parameters of the standard OVPN client configuration files - but why make it so hard to utilise a UTM as an OpenVPN endpoint when UTM itself uses OpenVPN for VPN?
It really is very simple. Allow a download of a ZIP archive containing both the APC/EPC format AND the OpenVPN client configuration files, and allow for either option in the import. If you export a config from another UTM; upload the entire archive with APE/EPC and ignore the OpenVPN client configuration in the same way UTM works currently. If somebody chooses to import an .OVPN file, then manually request whatever additional information UTM requires to get a working tunnel going.
Having looked into a .APC file myself I cannot see what possible need there is to enforce this proprietary standard on the users of UTM. I had planned on using the UTM as a private VPN client device in site-to-site mode, but having discovered it is impossible to get it working with a well-known standard configuration file - I am now left to looking for alternatives. I know all too well that behind the scenes UTM simply employs standard OVPN files based upon the APC format - so I really cannot see why this capability would be impossible to achieve.
With more than twice as many votes as the next VPN feature request, make sure this one is in the next release! I am not the only one entirely frustrated by such a ridiculously pointless proprietary standard on an open source framework.
Fabio Schiattarella commented
I vote for this feature too. I definitely could use it.